Hot fix V77016 addresses the issue(s) in SAS Web Server 9.4_M3 as documented
in the Issue(s) Addressed section of the hot fix download page:
http://ftp.sas.com/techsup/download/hotfix/HF2/V77.html#V77016
V77016 is a "container" hot fix that contains the following "member" hot fixes which will update the software components
as needed.
V75007 updates SAS Web Server 9.42
Before applying this hot fix, follow the instructions in SAS Note 35968 to
generate a SAS Deployment Registry report, then verify that the appropriate product releases are installed on your system. The
release number information in the Registry report should match the 'member' release number information provided above for the
software components installed on each machine in your deployment.
The hot fix downloaded, V77016pt.zip, includes the updates required for all components listed above on all applicable operating systems. To apply this hot fix on multiple machines, you can either save V77016pt.zip on each machine or save it in a network location that is accessible to all machines.
Do NOT extract the contents of V77016pt.zip. The hot fix installation process will extract the contents as needed.
This hot fix requires that your software must already be configured prior to installation. If no configuration directory exists at the time of installation, security updates built into this hot fix will not be completed, leaving your software in a vulnerable state.
The hot fix will be applied using the SAS Deployment Manager. By default, the SAS Deployment Manager will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory.
After downloading V77016pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.4: User's Guide.
Please review the CONFIGURATION Important Note above concerning proper selection of the "Configure SAS Hot Fix" option in the SAS Deployment Manager.
The hot fix installation process generates the log file
<!SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.logfor example, IT_2011-10-31-13.18.21.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.
Postexec log files are created after the installation is completed and identifies the files that were added, backed up, changed and removed. These log files include the ‘member’ hot fix id in the name of the file and are also written to the <!SASHOME>/InstallMisc/InstallLogs directory. There is one postexec log for each ‘member’ hot fix applied (member hot fixes are listed at the top of these instructions).
If your SAS Web Server is configured for TLS, you will need to install the latest Java 7 Update. Please visit the Updates for Java 7 download page for the latest available updates.
IMPORTANT NOTES Regarding hot fix updates:
LoadModule sm_module "C:/Program Files (x86)/CA/webagent/bin/mod_sm24.dll"For UNIX deployments, the name of the library is libmod_sm24.so instead of mod_sm24.dll.
SmInitFile "C:/SAS/Config/Lev1/Web/WebServer/conf/WebAgent.conf"
The standard locations of the JAR files on the SAS Web Server node are (note that "LevX" refers to the configuration level directory, such as Lev1):
<SASConfig>/LevX/Web/Scripts/WebServer/lib/commons-collections.jarCopy the files above to the following locations on the other nodes if the directory exists:
<SASConfig>/LevX/Web/Scripts/WebServer/lib/groovy-all.jar
<SASConfig>/LevX/Web/Scripts/WebServer/lib/commons-collections.jar
< SASConfig>/LevX/Web/Scripts/WebServer/lib/groovy-all.jar<SASConfig>/LevX/Web/Scripts/AppServer/lib/commons-collections.jar
< SASConfig>/LevX/Web/Scripts/AppServer/lib/groovy-all.jar<SASConfig>/LevX/Web/Scripts/SASEnvironmentManager/lib/commons-collections.jar
< SASConfig>/LevX/Web/Scripts/ SASEnvironmentManager/lib/groovy-all.jar<SASConfig>/LevX/Web/Scripts/SASEnvironmentManagerAgent/lib/commons-collections.jar
< SASConfig>/LevX/Web/Scripts/SASEnvironmentManagerAgent/lib/groovy-all.jar
Replace the line
Listen 80with the following line:
Listen localhost:7980IMPORTANT NOTE: If you use a non-default port, please enter that port number instead of the one listed above
Locate the following lines for the certificate file and key file and enter the correct filenames: SSLCertificateFile "ssl/myhost.crt"
SSLCertificateKeyFile "ssl/myhost.key"
SSLCertificateChainFile "ssl/myhost.crt
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
Replace the lineHeader set Strict-Transport-Security "max-age=31536000"with the following line:#Header set Strict-Transport-Security "max-age=31536000"
This completes the installation of hot fix V77016 on Linux for x64.
Copyright 2017 SAS Institute Inc. All Rights Reserved.